Should you be concerned about cybercrime and data breaches? According to Mary Jo White, former chair of the U.S. Securities and Exchange Commission, the answer is yes. She has called cybersecurity “the biggest risk to the financial system“ and has said that stock exchanges, dark pools, and clearinghouses historically didn’t have adequate systems to deal with the threat of data theft. How can you be sure your financial data is safe?
Check Your Opt-ins Carefully
The first place to begin protecting your datais with the various opt-in and opt-out choices companies offer you. Opening an account can be a convoluted process, especially if a partnership or trust will own your account. While you’re completing forms and adding your initials to multiple clauses, make sure you’re not agreeing to sharing your data with corporate “partners.” If in doubt, ask a service representative to verify that you have opted out of each possible data-sharing choice.
Insist on a Secure Network
Don’t hesitate to ask your providers for information about their network security and insist on proof of the answers. These providers should be able to show you a written cybersecurity plan, but simply making up a plan is not enough. Ask to see proof that they regularly assess the potential risks of cyberattacks and their network security. Be sure that your financial service providers are taking cyberthreats seriously and instituting proper precautions.
Ask About Vendors and Other Outsiders
The company that you’re doing business with may be doing an outstanding job of securing data within its system, but who else will be handling your data? What type of cybersecurity policies and encryption does the business use when sharing data with vendors, remote employees, and subcontractors? How does the company monitor outside vendor compliance? These questions are all ones you may want to ask before you share your personal and financial data with a company, especially before you hand over large sums of money to a new firm.
The Law Is on Your Side
The law mandates many of these protections, and, as a consumer, you have the right to insist on cybersecurity. Data protection law in the United States can be confusing, because no single overarching federal law covers data security. “Instead, the U.S. has a patchwork system of federal and state laws and regulations that can sometimes overlap, dovetail, and contradict one another,” according to the Thomson Reuters Practical Law website, which covers international data security laws.
Data security law in the European Union is much more exacting. The Council of the European Union wrote a law commonly known as the General Data Protection Regulation or GDPR in December 2015, and in 2018, The European General Data Protection Regulation will replace it. This regulation includes a significant increase in sanctions for data security lapses.
Cybercrime is a serious threat, and your data is only as secure as the weakest system that stores it. Asking questions may seem like a nuisance, but customer insistence on data security helps drive home the message that cybersecurity needs to be taken seriously.